﻿using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;

public partial class AddBook : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

        if (Session.GetCurrentUser() == null)
            Response.Redirect("~/Login/LoginForm.aspx?returnUrl=" + Request.Url.PathAndQuery);
        else
            if (Session.GetCurrentUser() != "Admin")
                Response.Redirect("~/Login/Permission.aspx");
  
    }
    protected void ButtonAdd_Click1(object sender, EventArgs e)
    {
        SqlConnection con = null;

        string sql = @"insert into Books(BookName, Author,Catalogue, Publisher,
                        PublishYear, Description, Cover)
                        values (@BookName, @Author,@Catalogue, @Publisher,
                        @PublishYear, @Description, @Cover) ";
        string url = ConfigurationManager.ConnectionStrings["LMSConnectionString"].ToString( );

        try
        {
            con = new SqlConnection(url);
            con.Open();
            SqlCommand cmd = new SqlCommand(sql, con);

            SqlParameter para = new SqlParameter("@BookName", System.Data.SqlDbType.NVarChar, 50);
            para.Value = TextName.Text;
            cmd.Parameters.Add(para);

            para = new SqlParameter("@Author", System.Data.SqlDbType.NVarChar, 50);
            para.Value = TextAuthor.Text;
            cmd.Parameters.Add(para);

            para = new SqlParameter("@Catalogue", System.Data.SqlDbType.NVarChar, 30);
            para.Value = TextCatalogue.SelectedItem.Value;
            cmd.Parameters.Add(para);

            para = new SqlParameter("@Publisher", System.Data.SqlDbType.NVarChar, 50);
            para.Value = TextPublisher.Text;
            cmd.Parameters.Add(para);

            para = new SqlParameter("@PublishYear", System.Data.SqlDbType.Int, 10);
            para.Value = TextYear.Text;
            cmd.Parameters.Add(para);

            para = new SqlParameter("@Description", System.Data.SqlDbType.NText);
            para.Value = TextDescription.Text;
            cmd.Parameters.Add(para);

            para = new SqlParameter("@Cover", System.Data.SqlDbType.NText);
            para.Value = txtCover.Text;
            cmd.Parameters.Add(para);

            cmd.ExecuteNonQuery();
            LabelTest.Text = "Note: Book add successfully !";
        }
        catch (Exception)
        {

            LabelTest.Text = "Invalid input. Try again!";
        }
        finally
        {
            TextAuthor.Text = TextDescription.Text = TextName.Text = TextPublisher.Text = TextYear.Text
                =txtCover.Text = null;

            con.Close();
        }

    }
}